LDAP integration: is it feasible to access without the Domain Component?

Last activity on October 1, 2023 - 11:21 4.9k Views 3 Replies Professional ARIS

PG

Pedro Guerrero on November 21, 2018

Hello everyone

Last week we managed to connect ARIS to our customer's Active Directory successfully. Now the windows users can easily access ARIS using <dc>\<windows_user> at the time of logging in.

The customer wants to have all their employees using the <windows_user> without having to type "<dc>\" beforehand. Here's an example

Current situation

Expected situation

From what we've done sor far is that the IT specialist suggested us to uncheck the "Activate multiple LDAP integration" option in Configuration/User Management/LDAP/General Settings. However, it didn't work.

Is there any way to address this?

Thank you very much for your assistance

Kind regards

Pedro.

EDIT: at this moment I have used the option "Activate multiple LDAP integration" unchecked then "Additional Functions" / "Start LDAP Import". After that, I click on a particular user and then I click the "Synchronize with LDAP" button and it's been working on most users.

Now my question is, is there a way to massively synchronize with the LDAP server without going one by one?

Sign in or register to reply.

Notify Moderator

3 Replies

PG

Pedro Guerrero Author on November 28, 2018

Hello, any news on how to synchronize ARIS with the LDAP at once?

In addition, when clicking the "Synchronize with LDAP" button after choosing a particular user, that user appears duplicated on the UMC: how can we address this issue from the ARIS Connect standpoint?

Thank you in advance for your assistance

Best regards

Pedro.

Like

Sign in
or register to reply.

Notify Moderator
MZ

M. Zschuckelt on November 28, 2018

Have you tried to do the following on the user list in UMC:

Additional functions -> Start LDAP import.

I am not an expert on these matters. I believe this will execute an LDAP query you configured and synchronize all LDAP users with the LDAP directory. It will also delete users that don't exist in LDAP any more.

I think the reason for the duplication of your user is this:

A user is either controlled (and authenticated) by LDAP or UMC. So if you import a user from LDAP for the first time any user of the same name you created in UMC will remain untouched. The synchronization will only happen with the user originating from the LDAP (also any deletion can only affect users originally imported from LDAP). So best thing is: Delete the UMC user after you synchronized the LDAP one. Usually you don't want UMC users side by side with LDAP users. If you want you can also synchronize user groups and group memberships with LDAP. This way you can maintain those entirely in the LDAP with your existing processes.

Like

Sign in
or register to reply.

Notify Moderator
PG

Pedro Guerrero Author on November 28, 2018
Thank you very much for your answer, M. Zschuckelt. I will explain this a little better because I forgot to give some details.

At the time we set the parameters on Configuration/User Management/LDAP we connected successfully to our customer's Active Directory

Then we brought all the directory by issuing UMC's Additional functions -> Start LDAP import.

(so far so good)

But when we detected the duplication issue after Syncing with LDAP , we did a test by choosing a random user brought from Active Directory (without any previous equivalent UMC user) and tried syncing with LDAP and after that, this random user appears twice,

I'm not sure if I explained a little better this time. If you have further questions, just let me know and I'll reply shortly.

Again, thank you very much.

Regards

Pedro.
Like

Sign in
or register to reply.

Notify Moderator

Upcoming events

Thursday, June 12, 2025 - 09:00

ARIS Super User Group Meeting

Sign in

Reset Password